0b1d2b9293re-add Data::Page as requested by configure
Lars Vogdt
2024-09-20 13:59:57 +00:00
4acec32cebfix perl(Module::Runtime)
Lars Vogdt
2024-09-20 13:56:30 +00:00
3bc056b7beupdate version
Lars Vogdt
2024-09-20 13:52:49 +00:00
cc0c0cd640- update to 5.0.7 Lifecycle Updates
Lars Vogdt
2024-09-20 13:52:26 +00:00
9199dd16c5Accepting request 1156184 from home:tinita:branches:d:l:pDirk Stoecker2024-03-08 10:08:52 +00:00
a5fe842300- update to 5.0.2 Security * In previous versions, RT's native login system is vulnerable to user enumeration through a timing side-channel attack. This means an external entity could try to find valid usernames by attempting logins and comparing the time to evaluate each login attempt for valid and invalid usernames. This vulnerability does not allow any access to the RT system. This vulnerability is assigned CVE-2021-38562 and is fixed in this release. * RT uses the chart.js package and the previous version has vulnerabilities described here: https://snyk.io/test/npm/chart.js/2.8.0 This RT release updates chart.js to version 2.9.4 as recommended in that advisory. General features and fixes * Update Starts on SLA changes even if Starts was already set * Accept usernames for email input fields on ticket create/update * Support group:NAME and group:ID in non-single role input fields * Create an autocompleter for Principals (works with both users and groups) * Support more characters for user/group names in non-single role input fields * Normalize and validate time inputs * Support to generate different dashboard content for each recipient * Use user timezone for date "=" queries in ticket search * Add "Create Via Email" and "Create Via Web" conditions * Fix table wrapping error in Ticket/Update.html * Don't escape queue name in title generation stage as it'll be escaped later * Allow to squelch recipients that also exist in one time inputs * Show all valid statuses on Asset bulk update page * In the datepicker, reset the time part after date input is cleared * Support columns as values in ticket search (ticket values on right-hand side in searches) * Support a friendly syntax for custom field columns as values in ticket search * Allow to specify CF Content/LargeContent columns in the keyword part of SQL * Support role searches like Owner = CF.cid or Owner = Creator
Lars Vogdt
2021-10-11 10:51:01 +00:00
6a71e7319dfix directory permissions
Lars Vogdt
2021-04-20 21:03:39 +00:00
7563117fc3- install GnuPG, RT-Shredder and SMIME work directories - enhance README.SUSE
Lars Vogdt
2021-04-20 21:01:46 +00:00
a8df46e4d7- sort the layout file to match the current RT5 path layout - install GnuPG and SMIME directories - recommend w3m, because of: "Running with the internal HTML converter can result in performance issues with some HTML. Install one of the following utilities with your package manager to improve performance with an external tool: w3m, elinks, links, html2text, lynx"
Lars Vogdt
2021-04-20 08:44:14 +00:00
9e16f60030+ perl(GnuPG::Interface)
Lars Vogdt
2021-04-13 20:56:11 +00:00
4a2b82a814- update to 5.0.1: Database Changes + For MySQL and MariaDB, the default character set has been updated to utf8mb4 to accommodate more unicode characters including emojis. See README.MySQL and README.MariaDB for details. + The Id field in some tables is changed from INT to BIGINT to accommodate large RT systems that may hit the maximum number of ids. Because this change touches large RT tables like Transactions and Attachments, this upgrade step may take a while to run. + You also will need free disk space equal to the size of these tables while running because MySQL, MariaDB, and Postgres will create a temporary copy of the table while running. If you don't have sufficient space, it can cause this step to fail. Notable Changes + System configuration options can now be changed by SuperUsers via the web UI. File-based configuration options are still loaded. Changes made via the web UI take precedence over file-based options if both are set. + If you prefer to keep all configuration in files and disable editing in the web UI, set this option to 0: Set($ShowEditSystemConfig, 0); + The variables which alter the set of HTML elements allowed in HTML scrubbing have moved; they have been renamed, and are now found under RT::Interface::Web::Scrubber. + The articles interface on tickets has been simplified, now showing only a dropdown for selecting articles. This dropdown converts to an autocomplete box when the dropdown contains more than $DropdownMenuLimit items. + With this simplified interface, the "hotlist" feature is no longer needed as all articles in classes applied to a given queue are available in the dropdown/autocomplete field. To prevent articles in a class from appearing for a queue, you can unapply the class from that queue.
Lars Vogdt
2021-04-13 16:33:18 +00:00
88dbc06927- enhanced README.SUSE with a section about the new timers
Lars Vogdt
2020-05-04 19:15:32 +00:00
dd806ff1c5- replace cron scripts with systemd timer scripts on systems using systemd (boo#1115430)
Lars Vogdt
2020-05-04 19:07:09 +00:00
bc50678cca- recommend perl(HTML::FormatExternal) to allow RT to use external programms to render HTML to plain text (optional feature)
Lars Vogdt
2019-03-14 14:53:28 +00:00
8cb19edcb5- recommend perl(HTML::Gumbo), as this is an optional dependency for showing a broader set of rich text (HTML) message features
Lars Vogdt
2019-03-14 14:46:56 +00:00
e950a3fd00- update to 4.4.4: Security Updates + One of RT's dependencies, the Perl module Email::Address, has a denial of service vulnerability which could induce a denial of service of RT itself. We recommend updating to Email::Address version 1.912 or later. The Email::Address vulnerabilities are assigned CVE-2015-7686 and CVE-2015-12558. CVE-2015-7686 was addressed in RT with a previous update. Email::Address version 1.912 addresses both of these CVEs with updates directly in the source module. + One of RT's dependencies, the Perl module Email::Address::List, relies on and operates similarly to Email::Address and therefore also has potential denial of service vulnerabilities. These vulnerabilities are assigned CVE-2018-18898. We recommend administrators install Email::Address::List version 0.06 or later. + An optional RT dependency, HTML::Gumbo, incorrectly escaped HTML in some cases. Since RT relies on this module to escape HTML content, it's possible this issue could allow malicious HTML to be displayed in RT. For RT's using this optional module, we recommend administrators install HTML::Gumbo version 0.18 or later. * The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting (XSS) vulnerability when using cross-domain Ajax requests. This vulnerability is assigned CVE-2015-9251. RT does not use this jQuery feature so it is not directly vulnerable. jQuery version 1.12 no longer receives official updates, however a fix was posted with recommendations for applications to patch locally, so RT will follow this recommendation and ship with a patched version. EU General Data Protection Regulation (GDPR) Several new features were added to support GDPR compliance and are summarized here.
Lars Vogdt
2019-03-14 13:50:49 +00:00
b3a1237eae- update to 4.4.3 General user UI * Show the Ticket's Subject when modifying the ticket. * Re-format RT/Config.pm so the # loc comment parses correctly. * Sort saved searches alphabetically by name rather than by id. * In Self Service, provide a path to remove attachments from the session when they are deleted from dropzone by the user (I#32663). * Fix evaluation of set vs. unset custom fields on display for correct hiding. * Set dropzone attachment size based on RT's MaxAttachmentSize configuration. * Add a configuration option TreatAttachedEmailAsFiles to treat attached email as a file attachment instead of parsing as regular email. * Restore email header parsing for items like email addresses when TreatAttachedEmailAsFiles is not set. This was disabled in a previous version. * Respect default queue settings in Create linked ticket dropdown (I#32884). * More fixes for recipient checkboxes on update. This version removes previous problematic fixes and gives a visual indication (shading) when RT is updating recipients in the background and checkboxes should not be changed (I#33027). * Provide a way to reset personal search preferences back to the RT system default (I#32854). * Add an Untake action to the Actions tab. * Add active and inactive status to query builder. * Re-add Queue to 'Order by' dropdown in Search Builder. * Make admin searches for queue and group case insensitive making it easier to find groups. * When editing ticket basics, always add valid default value to queue selection, taking into account SeeQueue rights. * Set dropzone parallelUploads to 1 to avoid losing attachments. Also set parallelUploads when the dropzone object is created. * Correct error messages on user rights for CF admin UI.
Lars Vogdt
2018-09-12 21:48:21 +00:00
54585b4d3b- update to 4.4.2 Security * RT 4.0.0 and above are vulnerable to an information leak of cross-site request forgery (CSRF) verification tokens if a user visits a specific URL crafted by an attacker. This vulnerability is assigned CVE-2017-5943. It was discovered by a third-party security researcher. * RT 4.0.0 and above are vulnerable to a cross-site scripting (XSS) attack if an attacker uploads a malicious file with a certain content type. Installations which use the AlwaysDownloadAttachments config setting are unaffected. This fix addresses all existant and future uploaded attachments. This vulnerability is assigned CVE-2016-6127. This was responsibly disclosed to us first by Scott Russo and the GE Application Security Assessment Team. * One of RT's dependencies, a Perl module named Email::Address, has a denial of service vulnerability which could induce a denial of service of RT itself. We recommend administrators install Email::Address version 1.908 or above, though we additionally provide a new workaround within RT. The Email::Address vulnerability was assigned CVE-2015-7686. This vulnerability's application to RT was brought to our attention by Pali Rohár. * RT 4.0.0 and above are vulnerable to timing side-channel attacks for user passwords. By carefully measuring millions or billions of login attempts, an attacker could crack a user's password even over the internet. RT now uses a constant-time comparison algorithm for secrets to thwart such attacks. This vulnerability is assigned CVE-2017-5361. This was responsibly disclosed to us by Aaron Kondziela. * RT's ExternalAuth feature is vulnerable to a similar timing side-channel attack. Both RT 4.0/4.2 with the widely-deployed RT::Authen::ExternalAuth extension, as well as the core ExternalAuth feature in RT 4.4 are vulnerable. Installations which don't use ExternalAuth, or which use
Lars Vogdt
2017-09-25 09:37:49 +00:00
c3ec40438f- Added two more packages to Requires: perl(CSS::Minifier::XS) and perl(JavaScript::Minifier::XS)
Martin Caj
2017-05-17 15:00:31 +00:00
97d3ebb314Accepting request 493108 from home:mcaj:branches:devel:languages:perl
Lars Vogdt
2017-05-10 20:31:26 +00:00
9c1b9f8263- update to 4.2.13: General User UI * Avoid race condition where a ticket's Started timestamp could be before its Created timestamp * Users without ability to update a saved search are no longer shown an Update button * IP custom field textboxes now wide enough for full IPv6 addresses (I#24565) * Self-service Cc field now allows for autocompleting multiple users * When possible sort charts numerically rather than ascii-betically * QuickCreate now respects DefaultQueue and RememberDefaultQueue (I#30913) * Make user preferences use label tags for better clickiness (I#30953) * Hide "Transaction has no content" from Extract Article (I#31027) * Improve CSRF detection by whitelisting more specific parameters (I#31090) * Empty selection boxes no longer render 1px wide (I#31316) * Show queue ID if the user can't see the queue name * Search builder display format now properly supports "large" sizing * Fix SMIME encoding issue (I#31155) * Improve messaging and logging around reminders that users can't see * Queue name on ticket display is now a link to a search for all active tickets in that queue * Support autocomplete custom fields in bulk update (I#15259) * Hint to the user that not all CF types are supported by bulk update, instead of silently excluding them (I#15259) * Improve compliance with RFC4480 for GPG armor lines (I#30372) * Restore behavior of $EditCustomFieldsSingleColumn config (I#18555) * Fix a regression with time zones in datetime custom fields (I#31674) * Fix certain attachment links containing HTML metacharacters from double escaping (I#31751) * Fix custom attachment URLs for self-service users (I#30960) Database
Lars Vogdt
2017-01-09 12:53:56 +00:00
e5d5258b9d- adapt apache configuration to be able to run with mod_authz_core (apache 2.4) and the old apache < 2.4 auth module - also allow IPv6 addresses
Lars Vogdt
2016-01-23 11:58:01 +00:00
a84fd24248- update to 4.2.12: + This release is a security release which addresses the following vulnerabilities: ++ RT 4.0.0 and above are vulnerable to a cross-site scripting (XSS) attack via the user and group rights management pages. This vulnerability is assigned CVE-2015-5475. It was discovered and reported by Marcin Kopeć at Data Reliance Shared Service Center. ++ RT 4.2.0 and above are vulnerable to a cross-site scripting (XSS) attack via the cryptography interface. This vulnerability could allow an attacker with a carefully-crafted key to inject JavaScript into RT's user interface. Installations which use neither GnuPG nor S/MIME are unaffected. From 4.2.11: + improves indexing time for full-text search + improving support for Apache 2.4 and MySQL 5.5 + Interactive command-line tools (including upgrade tools) will now also default to displaying warnings to STDERR, to aid in awareness of potential errors. - refreshed request-tracker-use_local_lib.patch
Lars Vogdt
2015-08-17 13:34:13 +00:00
0bac3653fd- Add requires for Data::UUID, required by rt-server
Darin Perusich
2015-03-30 15:12:49 +00:00
e4b0b9f871- update to 4.2.10 This release is primarily a security release; it addresses CVE-014-9472, a denial-of-service via RT's email gateway, as well as CVE-2015-1165 and CVE-2015-1464, which allow for information disclosure and session hijacking via RT's RSS feeds. + General user UI * Speed up the default simple search on all FTS-enabled installs by not OR'ing it with a Subject match. This returns equivalent results for almost all tickets, and allows the database to make full use of the FTS index. * Pressing enter in user preference form fields no longer instead resets the auth token (#19431) * Pressing enter in ticket create and modify form fields now creates or updates the ticket, instead being equivalent to "add more attachments", or the "search" on People pages (#19431) * Properly encode headers in forwarded emails that contain non-ASCII text (#29753) * Allow users to customize visibility of chart/table/TicketSQL in saved charts * Allow groups to be added as requestors on tickets * Perform group searches case-insensitively on People page (#27835) * Ticket create transactions for tickets created via the web UI now contain mocked-up From, To, and Date headers; this causes them to render more correctly when forwarded * Update wording of error message for saved searches without a description (#30435) * Flush TSV download every 10 rows, for responsiveness * Retain values in Quick Create on homepage if it fails (#19431) * Limit the custom field value autocomplete to 10 values, like other autocompletes (#30190)
Darin Perusich
2015-02-26 18:16:18 +00:00
f9656be364- Use mod_perl instead of mod_fcgid as default apache2 module, which isn't available on SLE_12
Darin Perusich
2014-11-29 10:16:45 +00:00
6293ee97e7- update to 4.2.9 + General user UI * Fix Subject header during ticket printing (#30362) * Comparisons of long text Custom Fields were erroneously reporting updates (#30378) * Broken logo link for the mobile UI when used with $WebPath * No longer leak base64 data to non-english users who change a Dashboard subscription and futureproof for other Attribute updates (#24665) * Previous column selection is remembered when updating search formats (#16972) * Charts could return quadrupled data for aggregate data (such as Time Worked) depending on your rights configuration. * Charts can now be grouped by Priority * Ticket Creation form now leaves Requestor blank on page reload if you cleared it out. + Localizations * "check to delete all values" is now localized + Command-line * BeforeDue action now accepts 2D as well as 2d (#30449) * bin/rt no longer shows a default Due date unless one is configured on the Queue. Additionally, Starts and Due are served in your time zone (#20334) + Admin * Improvements to the layout of the Group Members page + Developer * Fix tests that used send_via_mailgate to properly check returns (#19156) * Improvements to rt-static-docs for generating online documentation * Proper warnings testing for cf_date tests * Remove unused code to render Rules during replies/comments * Undo a regression that meant Custom Fields passed to Ticket->Create needed to be readable by the user creating the ticket.
Darin Perusich
2014-10-30 13:20:28 +00:00
205aeee238- update to 4.2.8 This release is primarily a security release; it addresses CVE-2014-7227, a vulnerability in RT's SMIME integration enabled by CVE-2015-6271 and related vulnerabilities, known as "Shellshock." Systems which have patched bash are not vulnerable to CVE-2014-7227. + General user UI * Properly hide ticket list when MoreAboutRequestorTicketList is set to "None" + Localizations * Allow text in Squelch box on ModifyPeople page to be translatable. * Updated German, Basque, French, Hungarian, and Russian translations. + Admin * Allow $OverrideOutgoingMailFrom to key by queue id, as an alternative to name * Stop calling the deprecated _SQLLimit method when limiting by transaction date * Stop hiding the value of the AllowLoginPasswordAutoComplete setting in System Configuration (#30417) * Resolve CVE-2014-7227, arbitrary execution of code by privileged users via SMIME by way of CVE-2015-6271. + Developer * Add a ModifyMaxResults callback for Autocomplete endpoints * Properly pass collection class to ColumnMap in /Elements/TSVExport + Documentation * Update POD for AddRoleMember/DeleteRoleMember being in RT::Record::Role::Roles now, not RT::Record. A complete changelog is available from git by running: git log rt-4.2.7..rt-4.2.8 or visiting https://github.com/bestpractical/rt/compare/rt-4.2.7...rt-4.2.8
Darin Perusich
2014-10-03 13:53:27 +00:00
33f21136b1- update to 4.2.7 + General user UI * Fix algorithm for determining which links to display in ticket relationship graphs with a MaxDepth * Use "Correspondence added" or "Comment added" rather than the general "Message recorded" * Loading saved charts should load all of their settings (#29015) * Stop fixing the width of "New ticket in" button (#27649) * Record transactions in ticket history when attachments were dropped or truncated due to $MaxAttachmentSize * Still delay transaction loading when "full headers" have been requested * Add an "overdue" class on Due columns, to match DueRelative columns. * Only show "overdue" class if the ticket status is still active * Fix styling of "There are unread messages" box in aileron * Keep date and datetime custom field inputs during failed ticket creation * Silence warnings from emails without Content-Transfer-Encoding headers * Silence warnings on user modify pages for disabled users * Let custom field grouping boxes link on Display pages link to the appropriate anchor on editing pages (#30195) + Localizations * Localize "Recursive" column title in group memberships page * Additional missing locstrings for numerous titleboxes * Stop translating titles piecemeal in SelfService (#14736) * Updated Catalan, German, Basque, Italian, Japanese, Dutch, Brazilian Portuguese, and Russian translations + Command-line * Reduce values queried using "rt ls" to only those displayed; this
Darin Perusich
2014-09-11 19:47:50 +00:00
51989787d7- update to 4.2.6 + General web UI * Fix a regression introduced in 4.2.4, which caused lack of formatting of plain text when responding via the rich text editor. * Allow tables in HTML mail if the optional HTML::Gumbo dependency is installed * Fix a regression in 4.2.5 which prevented core date fields (Due, Starts, etc) from being unset (#30180) * Hide empty transaction custom fields when they have no value; this fixes a regression in 4.2.1 where transaction custom fields began displaying on all transactions. (#29757) * Allow searching on requestor city, state, zip, and country in query builder (#26960) * Don't attempt to parse IP/Date(time) CFs if the value is NULL; this prevents warnings. * Remove border-radius: 0 to allow Firefox to use native text entry widgets (#28233) * Allow Firefox to reflow the data table below the chart on rudder * Whitelist user search from CSRF restrictions * Only include closing paren in MakeClicky link if it included an open paren (#29064) * Canonicalize CF values (including dates, IP addresses, and IP ranges) before comparing to the database value; this prevents spurious "changed from a to a" messages. * Allow downloading 0-length files if they have a filename (#9050) * Quick Create now defaults to the lifecycle's default create status, instead of hardcoding "new" * Show Wikitext CFs in bulk update * Add autocompletion to link boxes on bulk update
Darin Perusich
2014-08-14 20:53:34 +00:00
eda3d4b3e3- update to 4.2.5 + Updated dependencies * Updated Email::Address::List dependency, to resolve CVE-2014-1474, as was previously announced in http://blog.bestpractical.com/2014/01/security-vulnerability-in-rt-42.html * Bump CGI dependency (under perl 5.20 and above, only) to quash warnings about CGI.pm's deprecation in core (#29053)
Darin Perusich
2014-07-10 13:15:48 +00:00
df1ee86754- update to 4.2.3 + Administrator tasks * Avoid starting a FastCGI process manager in the common case of the FastCGI process being started by the webserver, and communicating over STDIN. This restores the behavior from 4.0, where the process name is the full path to rt-server.fcgi, and not the static string "perl-fcgi-pm" or "perl-fcgi". * Automatically clean out Mason cache when updated HTML is installed during upgrades; this should prevent a common class of errors. * Fix paths in rt-importer when importing from a serialized dump which was written to an absolute path. * Additional optional upgrade script for users upgrading from RT 3.8 who previously used RT::Extension::CustomField::Checkbox. * Pass characters, not bytes, to _EncodeLOB during de-serialization; this prevents invalid UTF-8 from a serialized dump from entering the new database. * Catch and warn of additional common misconfigurations of GPG/SMIME integration. * Prevent a possible infinite loop in rt-validator --resolve if Principal records were missing; default to forcing their creation. + Localization * Localization updates from Launchpad. + General user UI * Date and DateTime customfields now pass "mandatory" validation if unchanged. * "1970-01-01" is now treated as "unset" for purposes of Date and DateTime validation. * Add Date and DateTime fields to bulk update. * Don't conduct a user search if no string was entered. * Signal if a user is disabled at the top of User Summary pages.
Darin Perusich
2014-02-20 18:39:58 +00:00
e5e6adb087- update to 4.2.1 + Oracle: * Resolve numerous issues with the 4.0 -> 4.2 upgrade steps on Oracle * In-database sessions on Oracle are no longer truncated at 8k, leading to spurious logouts + Internet Explorer: * Fix submission issues under Internet Explorer + Rich text editor: * If returning to a reply/correspond page with the back button, the rich text editor will no longer double-escape previously written content. + REST: * Fix an empty 'text/plain' part when tickets are created using the REST interface. + Other bugfixes: * Optimize transaction display code to speed up long ticket displays by short-circuiting transaction custom field checking. * Supply a default $PATH for SMIME and GnuPG under FastCGI * Support index upgrade steps on Pg when in a custom schema * Close a memory leak in ColumnMap A complete changelog is available from git by running: git log rt-4.2.0..rt-4.2.1 or visiting https://github.com/bestpractical/rt/compare/rt-4.2.0...rt-4.2.1
Darin Perusich
2013-11-19 14:04:42 +00:00
c7d155cd21- use usermod to modify groups entries - create unique UID
Darin Perusich
2013-11-04 17:53:09 +00:00
e9923338ba- update %pre so groupadd/useradd are always called
Darin Perusich
2013-11-04 16:51:45 +00:00
42e98b1e90- fix so rt_localstatedir is not a %ghost
Darin Perusich
2013-10-29 15:13:10 +00:00
8004a90895trigger service run
Darin Perusich
2013-10-09 17:27:49 +00:00
94c63949ff- Set rt_localstatedir to %{_var}/lib/%{name}, as /var/run is now tmpfs and will disappear after reboot and this data needs to be persistant.
Darin Perusich
2013-10-08 18:02:20 +00:00
01874685b1Accepting request 202176 from home:deadpoint:branches:devel:languages:perl
Darin Perusich
2013-10-04 17:10:49 +00:00
434113752d- update to 4.0.17 * fixes an important regression in the upgrade script included in 4.0.14, 4.0.15, and 4.0.16 A complete changelog is available from git by running: git log rt-4.0.15..rt-4.0.17 or visiting https://github.com/bestpractical/rt/compare/rt-4.0.15...rt-4.0.17
Darin Perusich
2013-08-05 11:19:42 +00:00
0f3f463090- update to 4.0.15 Features * Ticket watcher searches that involve a large number of ORs will now use a much-improved SQL query, instead of the old many-join solution. * Do a better job wrapping text before quoting it in a reply. * Simple search now supports @example.com to search for tickets requested by users with email addresses ending in @example.com. * If our display parsing of an HTML attachment fails for known reasons, a better error message is provided, directing admins to contact us with a sample.
Darin Perusich
2013-07-26 11:31:50 +00:00
60ca98954e- add su call to logrotate script for newer openSUSE versions
Lars Vogdt
2013-07-01 00:25:03 +00:00
dc2c0e71d0- add hint to read the README.SuSE first before the README in case of an upgrade
Lars Vogdt
2013-06-06 07:04:28 +00:00
a7a1589773- Update 40 4.0.12 Features * Date and DateTime Custom Fields now have the same 'smart' date parsing that core RT date fields have. * Improved logging when the sending of a Correspond or Comment fails. * The Quick Search preferences page now has Select/Clear All buttons. * Unprivileged users can now change Language and Time Zone. * Warn MySQL users if their max_allowed_packet is dangerously low. Bugfixes * Repair 4.0.11 regression where red background on Reply with the RichText Editor was lost. * Quiet warnings in the verbose user format. * Allow changing the case of a Group's name (prevented by earlier code stopping you from having two groups with the same name). * Allow changing the case of a Class's name. * Avoid warnings when using empty Templates. * Update our InnoDB checks for MySQL 5.6 compatibility. * Clarification of when SetOutgoingMailFrom and OverrideOutgoingMailFrom are available. * Improve layout of collection lists in IE. * Fix Attach more files button in Self Service. * Set caching headers on autocomplete endpoints. * Restore and improve prematurely deleted documentation for DontSearchFileAttachments. * Correct the encoding of Dashboard email Subject headers. * Fix the default roles on User->WatchedQueues. * Document the need to grant SeeCustomField in UPGRADING-3.4. * Nudge menus below the shadows in aileron. * Fix missing headers and a syntax error in the /REST/1.0/attachment/NN endpoint.
Darin Perusich
2013-05-02 12:20:04 +00:00
e8f89b7ae2- Update to 4.0.11 Bugfixes * Fix description of the ModifyACL right on Classes. * Allow sorting by a Queue's SubjectTag (in the admin UI). * Reminders attached to tickets in the deleted status now no longer throw errors. * Custom Fields containing & were not being displayed properly in search results. * Validate usernames properly on rename as well as during creation. * Remove user preference for 'Number of search results' since it was unused and conflicted with the option on the My RT at a Glance configuration page. * Clean up temp files left behind by the REST interface. * Recipients and Scrips box on Ticket reply/comment pages retain checkbox state when uploading attachments or including articles or otherwise reloading the page. * Charts are no longer hidden by the print css. * Date Custom Fields should ignore time zones. * rt-crontool no longer throws an error on --help or other error conditions. * When choosing the Shredder link from search results, correctly select the Tickets plugin. * Bring back an Article quick search missing since before 4.0.0. * The default $ExtractSubjectTagMatch no longer removes [comment] from mail with subjects like [comment] [rtname #1]. * In the Class PageMenus, load a Class not a CustomField to validate the id. * Date Custom Fields now parse strings like 'today' in the user's timezone. * Username and Password are now the same length on IE8/9. * External Custom Fields can now be changed back to internal
Darin Perusich
2013-04-09 20:39:31 +00:00
f75c9c9a19- Added Source for README.SuSE
Darin Perusich
2013-02-25 17:08:12 +00:00
91d10e3215- Added README.SuSE to %doc
Darin Perusich
2013-02-19 13:58:35 +00:00
42ec4525b7- update to 4.0.10 Bugfixes * CF values are no longer possibly lost during ticket creation; see above for a complete description * Updated localizations, including a new Slovak translation * Error titleboxes now render properly when they have collapse icons * Restore a missing </form> tag on the mobile login * Allow non-uris in Link transactions * Bulk Update maintains the previous value of the "Told" box on page reload * Simple Search no triggers queue-searching behavior when passed a disabled Queue names * We now find localizations expressed as ( qw(a b c)) * Only attempt to update Told if the correspond succeeded git log rt-4.0.9..rt-4.0.10 or visiting https://github.com/bestpractical/rt/compare/rt-4.0.9...rt-4.0.10
Darin Perusich
2013-01-30 13:39:20 +00:00
9ba23b2fe0- update to 4.0.9 Bugfixes * IE8/9 are encouraged never to use compatibility mode. * User autocompletes on Oracle now work. * Disabled personal groups hiding out from 3.8 are cleaned out. * When upgrading from 3.8 to 4.0 the article upgrade points to the correct upgrading documentation. Features * The Rights Editor now keeps track of the user/group and tab selected when submitting and switching between states. * Allow bookmarking tickets from the mobile interface. * Warn less when your RT is behind a proxy. * New CheckMoreMSMailHeaders config option that tries harder to detect outlook and repair weird linespacing issues in text parts. Documentation * Lifecycle documentation separate from the RT_Config.pm docs. * Document how to use the Style Editor and how to add your own CSS. * Document basic approvals configuration. * Improve documentation and examples for CreateTickets action Development * Improve SQL logging on record creation and the autocompleter. * Improve the debugging mason errors to include a stack trace. * Ensure tests never run in the local locale (which can cause interesting failures). * Catch and error if we throw warnings in tests.
Darin Perusich
2013-01-17 14:31:17 +00:00
feb5c6d5d9- update to 4.0.8: This release, in addition to being a bugfix release, also resolves a number of security vulnerabilities. It resolves CVE-2012-4730, CVE-2012-4731, CVE-2012-4732, CVE-2012-4734, CVE-2012-4735, and CVE-2012-4884.
Lars Vogdt
2012-11-24 14:17:20 +00:00
137b95ee1e- update to 4.0.6: + This resolves the following security vulnerabilities: CVE-2011-2082, CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458, CVE-2011-4459, and CVE-2011-4460. + Remove CSS3PIE, which simply added rounded corners on IE7 and IE8, as it was causing numerous crashes of IE. + Show the current status in the status dropdown during ticket update, to allow forced setting of the status. This functionality was available in RT 3.8, and is now being reinstated. + Use SearchBuilder queue limits to restrict what statuses and owners are displayed in drop-downs. + Make "New Ticket" a top-level SelfService menu item. + Display Lifecycle column correctly in queue admin lists. + Allow >64k attributes on MySQL; this is particularly useful for logos uploaded via the theming editor. + Remove two dependencies from the RT mailgate. + Adding new arbitrary links to tickets now works as expected in the REST interface. + Subject: lines in Forward Ticket templates are now respected. + Sort ticket link numbers numerically, not alphabetically. + Ticket reminders are no longer copied when creating a linked ticket; article and http:// links now are, however. + Use relative links (with no hostname) more consistently. + Correctly deal with non-ASCII attachment filenames which make use of MIME parameter value continuations. + Find queue-level CFs first in REST interface when there are duplicates by name. + Fix graphing of searches which reference Updated and other transaction-based limits. + Reminder statuses on open and resolve are now configurable
Darin Perusich
2012-05-31 13:33:33 +00:00
5ecfe5f6b4- update to 4.0.5: + Greatly improved print CSS + New Config option - HideResolveActionsWithDependencies removes actions such as Resolve from the action menu on tickets with outstanding dependencies + New Config option - AutocompleteOwnersForSearch allows admins to force an Owner autocompleter in the Query Builder + New Config option - NoTicketInterfaceForApprovals redirects users to the Approvals interface if they visit an Approval ticket in the regular RT UI + Improved Simple Search documentation and new 'any' keyword for any status + Improved case insensitivity in the User and Custom Field Autocompleters + new --enable-ssl-mailgate configure option and rt-mailgate options to assist with setting rt-mailgate up to talk to your ssl enabled RT server + More improvements to email quote detection to handle Outlook quoting + The CreateTickets action now supports adding Groups as Watchers + httpurl_overwrite no longer inserts spaces into your URLs + Added NBSP as a search column in the Query Builder + Maintain Approved/Denied state in the radio button on past Approvals + Fixes for Bookmarked ticket searches + Bugfixes for OverrideOutgoingMailFrom and sending bounces + More consistent ordering of Articles + Improvements to menu internals, including fixes for Search collections and localization of key names + Preserve Content-Disposition when redistributing mail + Improved PGP handling for .asc attachments with misleading content-types + By default, RT's session cookie will not be available to javascript + Allow Charts to be grouped by Told. + Test and localization cleanups.
Lars Vogdt
2012-03-13 21:32:30 +00:00
8f9c3c6021- create %{rt_localstatedir}/data/RT-Shredder during init, so the shredder can work per default - fix license to be in spdx format - added a more descriptive message in the database backend README files.
Lars Vogdt
2012-03-12 19:56:21 +00:00
4c9463c855fix license to be in spdx format
Lars Vogdt
2012-03-12 19:25:26 +00:00
b9a0f0284eadded a more descriptive message in the database backend README files.
Lars Vogdt
2012-03-12 19:24:56 +00:00
43191976affix rt-clean-mason-cache to clean only mason_data/obj
Lars Vogdt
2012-01-12 00:16:41 +00:00
06f046e2dd- update to 4.0.4: This release contains a number of bugfixes and small improvements since the 4.0.2 release; a few of the more notable ones include: + Due to a change in RT 3.8.9, which also affected RT 4.0.0 and higher, TransactionBatch scrips were run twice; this has now been fixed. + A new toggle has been added to expand all quote folding in a ticket's transaction history. + New "On Forward", "On Forward Transaction" and "On Forward Ticket" conditions have been added. + Ticket searches no longer forget which saved search they were loaded from when being updated. + A new "make jsmin" target has been added to aid in downloading, compiling, and installing jsmin. + Improved threading for automatically generated emails concerning a ticket. + Improved detection of Outlook-style message fowarding headers. + No longer error when a user has supplied a non-existant RT style; instead, fall back to the default. This is particularly relevant for users coming RT 3.8 with the 3.6 stylesheet applied, which no longer exists in 4.0. + Improved handling of files named "0", and Unicode filenames, in file uploads. + Tickets can no longer be linked to deleted tickets. + Restore missing menus on simple search result pages. + Fix support for perl 5.12 and later by removing a deprecated use of "defined %hash". - install rcrequest-tracker symlink - fix FSF address in init script - ignore the init-script-without-%restart_on_update-postun warning from rpmlint: the init script just creates missing directories
Lars Vogdt
2011-12-30 10:57:16 +00:00
6e44172c4dremove vendor
Stephan Kulow
2011-11-18 09:22:25 +00:00
c5d57f262fosc copypac from project:home:lrupp:request-tracker package:request-tracker revision:34
Lars Vogdt
2011-11-01 13:11:52 +00:00
Adam Majer
Lars Vogdt
Dirk Stoecker
Martin Caj
Darin Perusich
Stephan Kulow